﻿using IdentityServer4;
using IdentityServer4.Models;
using IdentityServer4.Test;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace Basic.Identity4
{
    /// <summary>
    /// identityServer配置
    /// </summary>
    public class IdentityServerConfig
    {
        public static IEnumerable<IdentityResource> IdentityResources =>
            new IdentityResource[]
            {
                new IdentityResources.OpenId(),
                new IdentityResources.Profile(),
            };

        public static IEnumerable<ApiResource> GetResources()
        {
            return new List<ApiResource>
            {
                //资源
                new ApiResource("api","SourceApi")
                {
                    Scopes={ "scope" } //指明客户端可以访问的资源
                }
            };
        }
        public static IEnumerable<ApiScope> GetApiScopes()
        {
            //主要用于为Client提供accesstoken中的scope声明的值
            return new List<ApiScope>
            {
                new ApiScope("scope") //定义服务端可以访问的资源范围
            };
        }
        public static IEnumerable<Client> GetClients(IConfigurationSection section)
        {
            var secret = section.Get<string>();

            return new List<Client>
            {
                new Client()
                {
                    ClientId="pwdClient", //客户端id
                    AllowedGrantTypes=GrantTypes.ResourceOwnerPassword, //密码模式 
                    AccessTokenLifetime=7200,
                    //AllowOfflineAccess=true, //获取刷新令牌
                    //配置 客户端模式 的密钥
                    ClientSecrets={
                        new Secret(secret.Sha256()) //Secret
                    },
                    RequireClientSecret=false, //客户端client_secret密钥可以不传
                    AllowedScopes={
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        "scope"
                    } //指定该客户端可以访问范围内的 resources
                }
            };
        }


        public static List<TestUser> GetTestUsers()
        {
            return new List<TestUser>()
            {
                new TestUser
                {
                    SubjectId="1",
                    Username="test",
                    Password="123456"
                }
            };

        }

    }
}
